CVE-2023-49394

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jan 10, 2024

Updated: Jan 17, 2024

CWE ID 601

Summary

CVE-2023-49394 is a vulnerability affecting Zentao versions 4.1.3 and earlier. This issue involves a URL redirect flaw that impairs the system's normal functioning. An attacker can exploit this vulnerability to redirect users to malicious websites, potentially leading to data theft or unauthorized access. Zentao urges users to upgrade to a patched version as soon as possible to mitigate this risk. The flaw could also disrupt services, causing inconvenience and potential business losses.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Easycorp Zentao

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tlEwPY
https://www.cve.org/CVERecord?id=CVE-2023-49394
https://nvd.nist.gov/vuln/detail/CVE-2023-49394

Back to Vulnerability Database

CVE-2023-49394

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations